Google engineer proves any iPhone app with permission to access the camera is capable of s...

Posted:
in iOS edited October 2017
A Google engineer has demonstrated it is possible for a malicious iOS app to spy on a user, with a proof of concept app capable of photographing or recording from both iPhone cameras without the user's knowledge, all by exploiting the permissions granted by the user allowing access to the cameras.




Researcher Felix Krause, founder of Fastlane.Tools, created the watch.user concept app to show how far the camera permissions could be pushed, reports The Next Web. Once granted, Krause advises it is possible for an app to photograph and record from the cameras any time the app is in the foreground, without informing the user the images and video are being captured with flashes or other indicators.

Krause also claims it can then upload the images and video to an app's servers, including broadcasting a live feed from the iPhone itself. It is suggested that it is possible for a malicious developer to determine the user's location based on the image data, and to run facial recognition on still frames to find other photos of the user or to discover their identity.

A video demonstrating the test app's capabilities also shows it can also track the movements of the user's mouth, nose, eyes, and the entire face, and can even determine the mood of the user based on their facial expressions. Krause advises this part uses the Vision framework introduced in iOS 11, designed to allow developers to track a user's facial movements.

Notably, the issue is only a problem if the app is in the foreground, but Krause highlights that this could still cause privacy problems. For example, if a user decides to browse a social app while in the bathroom, and the app includes such code, it would be theoretically possible for it to record the user in a somewhat compromising position.





To answer criticism that people would never grant camera permissions, Krause warns many users will have already provided access to their image libraries and cameras to social networks and messaging apps, which could be updated with the malicious code.

Krause suggests worried users could protect themselves by using camera covers which block out the camera's view entirely, claimed by the researcher to be "the only real safe way." It is also suggested for users to revoke camera access for all apps, to always use the build-in camera app, and to use the image picker of each app to select the photograph to publish, or to use Copy and Paste to move the image to the application.

The researcher has disclosed the issue to Apple, at the same time as making some suggestions for how to avoid this from becoming a long-term issue. Suggestions include providing apps temporary access to the camera, and putting an icon in the status bar showing the camera is active and forcing the status bar to be visible when an app accesses the camera.

On the hardware side, Krause suggests adding an LED to the camera modules on both sides that cannot be kept off by sandboxed apps. This would be similar to the LED used by the MacBook, which lights up whenever the camera is in use, but it is doubtful Apple would make such a change to the iPhone's design, given the evolution of the top bezel to a notch in the iPhone X.

This is not the only potential security hole in iOS that Krause has discovered. Earlier this month, Krause disclosed another proof of concept app that displayed a popup similar to one used to enter an iTunes or Apple ID password, which could theoretically be used to steal a user's credentials.
«13456

Comments

  • Reply 1 of 103
    clemynxclemynx Posts: 1,509member
    A running app to which I gave permission can use the camera. SHOCKER !!
    [Deleted User]anton zuykovjbdragonargonauttdknoxStrangeDaysrandominternetpersonpscooter63edredjony0
  • Reply 2 of 103
    C'mon man! This always make me wonder why the Google team does not focus on fixing the huge list of Android flaws instead of getting so dedicated to helping other companies.
    macxpressjbdragonajlpscooter63jony0EsquireCatswatto_cobra
  • Reply 3 of 103
    steven n.steven n. Posts: 1,108member
    OMG!!!! Stop the presses... An App with permission to use the camera can.... OMG!!!! USE THE CAMERA!!!!.

    Is this a serious news item?
    spacekidjbdragontdknoxrandominternetpersonpscooter63edredjony0lolliverasdasdwatto_cobra
  • Reply 4 of 103
    jd_in_sbjd_in_sb Posts: 1,483member
    Alert: Apps that have permission to use the microphone can listen to you!
    Solitdknoxandrewj5790lolliverwatto_cobra
  • Reply 5 of 103
    Google engineer straining for IOS gnats while swallowing Android camels.
    mike54caliandrewj5790SpamSandwichEsquireCatslolliverwatto_cobra
  • Reply 6 of 103
    gatorguygatorguy Posts: 20,282member
    steven n. said:
    OMG!!!! Stop the presses... An App with permission to use the camera can.... OMG!!!! USE THE CAMERA!!!!.

    Is this a serious news item?
    It can continue to use the camera even after the intended use is done and over. For instance from the Facebook app you take a pic to post. But if Facebook wanted to be evil that allows the app to continue recording images that you would not have explicitly authorized and continue doing so minute by minute with no way for a user to know it was happening. That's what he brought to Apple's attention. The camera permission does not restrict the camera use to only what the user would intend to grant it. Worse any app that you've now granted camera permission can now records images whenever the app is open even if you don't intend to use the function yourself.

    So why would a social app for instance be interested in doing this? Since the ability to take photos/video without the user's knowledge or explicit consent is now granted every time the app is in the foreground "... facial recognition could be used to identify you, and even use facial expression analysis to measure your emotional response to things like ads displayed in the feed."

    If you watch the posted video you will better understand the possible concern. 
    edited October 2017 muthuk_vanalingamairnerdtdknoxdysamoriaanantksundaramsingularity
  • Reply 7 of 103
    airnerdairnerd Posts: 646member
    problem identified, apple will solve it. 


    caliwatto_cobra
  • Reply 8 of 103
    rob53rob53 Posts: 2,007member
    gatorguy said:
    steven n. said:
    OMG!!!! Stop the presses... An App with permission to use the camera can.... OMG!!!! USE THE CAMERA!!!!.

    Is this a serious news item?
    It can continue to use the camera even after the intended use is done and over. For instance from the Facebook app you take a pic to post. But if Facebook wanted to be evil that allows the app to continue recording images that you would not have explicitly authorized and continue doing so minute by minute with no way for a user to know it was happening. That's what he brought to Apple's attention. The camera permission does not restrict the camera use to only what the user would intend to grant it. 

    If you watch the posted video you will better understand the possible concern. 
    In other words, the Google concept app is malware/spyware and something Apple needs to watch for when approving apps. I presume he created the app and ran it through the iOS simulator (or ran it on a jailbroken iOS device) because he mentions on his website that "I didn’t submit the demo to the App Store; however, you can very easily clone the repo and run it on your own device." Would Apple have caught this type of spyware app? I call it spyware because it probably violates Apple developer rules relating to camera use.
    StrangeDaysrandominternetpersonpscooter63jony0lollivergilly33watto_cobra
  • Reply 9 of 103
    brucemcbrucemc Posts: 1,520member
    How is this addressed in Android?
    lordjohnwhorfinStrangeDaysrandominternetpersondysamorialolliverasdasdwatto_cobra
  • Reply 10 of 103
    profprof Posts: 76member
    gatorguy said:

    It can continue to use the camera even after the intended use is done and over. For instance from the Facebook app you take a pic to post. But if Facebook wanted to be evil that allows the app to continue recording images that you would not have explicitly authorized and continue doing so minute by minute with no way for a user to know it was happening. That's what he brought to Apple's attention. The camera permission does not restrict the camera use to only what the user would intend to grant it. 
    Err, if the app is in foreground then it is actively used. How would you distinguish between "intended" and "unintended" use?
    longpathtdknoxjony0lolliver
  • Reply 11 of 103
    steven n.steven n. Posts: 1,108member
    gatorguy said:
    steven n. said:
    OMG!!!! Stop the presses... An App with permission to use the camera can.... OMG!!!! USE THE CAMERA!!!!.

    Is this a serious news item?
    It can continue to use the camera even after the intended use is done and over. For instance from the Facebook app you take a pic to post. But if Facebook wanted to be evil that allows the app to continue recording images that you would not have explicitly authorized and continue doing so minute by minute with no way for a user to know it was happening. That's what he brought to Apple's attention. The camera permission does not restrict the camera use to only what the user would intend to grant it. 
    WTF? Are you serious? "It's intended use is done and over?" Are you serious? You grant the app permission to use the camera. It can capture image streams from that point on. Do you really want to get granularity to use the camera for 3 seconds every 60 seconds on the third day of each week but only when it is a full moon in the last week of the next month?

    The camera is NOT hardwired to any display device and this allows the application to do all sorts of real time effects BEFORE displaying them or it can simply discard the data.

    THIS IS THE POINT OF THE CAMERA!!! From Android to Windows Mobile to iOS. THIS IS HOW THE CAMERA WORKS!!!

    Then uploading the data? This is what a smartphone DOES. Ii INTERFACES to the internet. Have you head of apps like Instagram? Snapchat? Facebook? Can an app be evil (like all the crap showing up in the Play Store shows)? Yes. Could an app be legitimately designed to record video without any visual indication? Absolutely. I am thinking of a wildlife trip camera where the visual notification or the display turning on would scare the wildlife.

    That said, a very small LED on the front and back would be... interesting. Distracting and something I would personally want to shut off, but interesting.

    But this is a 100% WTF is this guy smoking? He should not go into work high or think the epiphanies he gets while high on the most recent weed is really a true epiphany.
    Grimzahnlolliver
  • Reply 12 of 103
    gatorguygatorguy Posts: 20,282member
    prof said:
    gatorguy said:

    It can continue to use the camera even after the intended use is done and over. For instance from the Facebook app you take a pic to post. But if Facebook wanted to be evil that allows the app to continue recording images that you would not have explicitly authorized and continue doing so minute by minute with no way for a user to know it was happening. That's what he brought to Apple's attention. The camera permission does not restrict the camera use to only what the user would intend to grant it. 
    Err, if the app is in foreground then it is actively used. How would you distinguish between "intended" and "unintended" use?
    Well an obvious example would be if you did not intend for it to be surreptitiously taking a photo of you and your surroundings while your were using it, or while reading a news item in the feed not have any idea it was video-recording your reaction to it. 
    airnerdavon b7
  • Reply 13 of 103
    steven n.steven n. Posts: 1,108member
    gatorguy said:
    prof said:
    gatorguy said:

    It can continue to use the camera even after the intended use is done and over. For instance from the Facebook app you take a pic to post. But if Facebook wanted to be evil that allows the app to continue recording images that you would not have explicitly authorized and continue doing so minute by minute with no way for a user to know it was happening. That's what he brought to Apple's attention. The camera permission does not restrict the camera use to only what the user would intend to grant it. 
    Err, if the app is in foreground then it is actively used. How would you distinguish between "intended" and "unintended" use?
    Well an obvious example would be if you did not intend for it to be surreptitiously taking a photo of you and your surroundings while your were using it, or while reading a news item in the feed not have any idea it was video-recording your reaction to it. 
    You didn't answer the question. 'if the app is in foreground then it is actively used. How would you distinguish between "intended" and "unintended" use?'

    You simply gave another off=the=wall hypothetical like: I discovered a new use for baseball bats. To break windows!!!! We should design baseball bats to know when they are being used to break a window and turn to water.
    StrangeDaysrandominternetpersonpscooter63lolliver
  • Reply 14 of 103
    This guy needs a mental evaluation. Must be one of those diversity recruits.
  • Reply 15 of 103
    steven n.steven n. Posts: 1,108member
    brucemc said:
    How is this addressed in Android?
    What issue? Of the camera being used when it is granted rights to use it? How is this "an issue?"
  • Reply 16 of 103
    sflocalsflocal Posts: 4,498member
    It's amazing a google engineer has the time to spend finding iOS vulnerabilities when Android itself is one large security hole in itself.

    Just saying... is he bored at Google, or perhaps needed the challenge?
    spacekidmike54ericthehalfbeecalipscooter63jony0lolliverargonautwatto_cobra
  • Reply 17 of 103
    maestro64maestro64 Posts: 4,479member
    Some google engineer is using his 10% free time to work on his own ideas came up with this. So Android is litter with security holes so this guy set out to say iPhone had similar holes. Yep signs of a desperate company.
    edited October 2017 spacekidmike54calipscooter63lolliverargonautwatto_cobra
  • Reply 18 of 103
    mjtomlinmjtomlin Posts: 1,820member
    gatorguy said:
    steven n. said:
    OMG!!!! Stop the presses... An App with permission to use the camera can.... OMG!!!! USE THE CAMERA!!!!.

    Is this a serious news item?
    It can continue to use the camera even after the intended use is done and over. For instance from the Facebook app you take a pic to post. But if Facebook wanted to be evil that allows the app to continue recording images that you would not have explicitly authorized and continue doing so minute by minute with no way for a user to know it was happening. That's what he brought to Apple's attention. The camera permission does not restrict the camera use to only what the user would intend to grant it. Worse any app that you've now granted camera permission can now records images whenever the app is open even if you don't intend to use the function yourself.

    So why would a social app for instance be interested in doing this? Since the ability to take photos/video without the user's knowledge or explicit consent is now granted every time the app is in the foreground "... facial recognition could be used to identify you, and even use facial expression analysis to measure your emotional response to things like ads displayed in the feed."

    If you watch the posted video you will better understand the possible concern. 

    "Intended use"

    There is nothing new here. Access to the camera was granted by the user and dialog explicitly says "To take pictures and detect your face". If that developer abuses that access and uses it beyond what they've told the user, then it's up to Apple to catch that and shut it down. Apple has guidelines about recording ... there has to be a clear indicator that the camera is "recording".

    Allowing an app access to specific hardware and data has ALWAYS been a one time only authorization with an option to disable it later should the user choose to do so. Settings - > Privacy

    The user has always only been able to assume that the app was only doing what it says it's doing with that granted permission.

    Apple's entire vetting process was designed to make sure these apps were/are behaving appropriately. I'm pretty sure that whenever an app asks for access to something, it signals a flag and Apple jumps all over every instance that app accesses those API's and makes sure it isn't breaking any rules.

    ---------

    But yes, I could write an app, install it on my iPhone, and I could have it record video constantly. In fact, I don't have to follow ANY of Apple's guidelines and rules when I install my own apps. The problem is, my app would never make it on to the App Store because of that. In fact, I wrote my own workout app that constantly listens for audio, so I can give it specific commands. But that's an app I wrote for my own use.

    There's nothing new here. It's another attempt to try and cast Apple in a bad light.


    edited October 2017 macplusplustdknoxcalipscooter63propodlollivergilly33argonaut
  • Reply 19 of 103
    jdgazjdgaz Posts: 348member
    brucemc said:
    How is this addressed in Android?
    In android the illicitly gained material is being catalogued. It will be sold to the highest bidder or can be purchased back from Google for the price of your firstborn child.
    mike54StrangeDayscaliandrewj5790lolliverargonautwatto_cobra
  • Reply 20 of 103
    So, let me make sure I understand this. You mean if you give an app permission to use the camera, it may actually use the camera?
Sign In or Register to comment.